CVE-2021-33797 Information

Description

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent which leads to a buffer overflow in the pointer d.

Reference

https://github.com/ccxvii/mujs/commit/833b6f1672b4f2991a63c4d05318f0b84ef4d550 https://github.com/ccxvii/mujs/issues/148